2016’s top malware threats show a shift in attack patterns

The methodology of malware and cyber attacks has shown a significant shift in 2016, according to the State of Malware report from Malwarebytes.

Although ransomware is the favorite attack method used against business, ad fraud malware is growing fast and poses a substantial threat to both consumers and businesses.

The report shows ransomware distribution between January 2016 and November 2016 increased by 267 percent. In the fourth quarter of 2016 nearly 400 variants of ransomware were cataloged by Malwarebytes. Ransomware detections accounted for 12.3 percent of all enterprise threats, but only 1.8 percent of consumer threats, and 81 percent of ransomware detected in corporate environments occurred in North America.

Ad fraud malware was dominated by Kovter which is mainly targeted at Americans, with 68.64 percent of all infections occurring in the US. Other trends include the increased use of botnets to recruit IoT devices with the Kelihos botnet growing 785 percent in July and 960 percent in October.

In the mobile arena the report notes the increased use of randomization by malware authors to evade detection from mobile security engines. Brazil, Indonesia, the Philippines, and Mexico made it into the top 10 countries for Android malware detections. The high level of Android malware in developing countries can be attributed to the extensive use of relatively unsecured third-party app stores.

“To protect users from cybercriminals, we need to intimately understand their methodologies and tactics,” says Marcin Kleczynski, Malwarebytes CEO. “Our findings demonstrate that the frequency and variety of new cyber attacks has crashed into people and businesses at an alarming rate. The last year involved an onslaught of ransomware, a surge of pernicious ad fraud and new, dangerous uses for botnets. These threats have the potential to erode many of the gains that computing is providing global society. Both consumers and businesses need to better understand how these new attack methodologies may impact them.”

The full report is available to download from the Malwarebytes website.